8597265907ddbcb7e9b710816726b6c1_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8597265907ddbcb7e9b710816726b6c1_JC.exe
Size

481KB
MD5

8597265907ddbcb7e9b710816726b6c1
SHA1

7032aecf7325ac60105a6e15f5889f0ca4af929d
SHA256

1f9e0abb0a8184de2e13abcec2c00e37f2533e84840859391c00d5c6f23fa11b
SHA512

5fbd7add071b5da13d37c3dd8bf73af6b90c6bb66c76b6fb8b394e4e08628140bac7c145a41786d08e8a18202c216246f0f0832fad0059b33c129363c73dea23
SSDEEP

12288:H5lgu8MLM/78hssWWlhD2rlPpFBBvpeJMP:H5lf88M/wJWWCxeJMP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8597265907ddbcb7e9b710816726b6c1_JC.exe

Files

8597265907ddbcb7e9b710816726b6c1_JC.exe
.exe windows:5 windows x86

46b9336adb2f672dcc7203d78b439246

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DestroyMenu

advapi32

RegQueryValueExW

shell32

ShellExecuteW

ws2_32

recv

iphlpapi

GetAdaptersInfo

oleacc

LresultFromObject

gdi32

DeleteDC

winspool.drv

DocumentPropertiesW

oleaut32

VariantClear

Sections

.text
Size: 450KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE